microsoft
/
CBL-Mariner
зеркало из https://github.com/microsoft/CBL-Mariner.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
4 780 коммитов 1 042 Ветки 470 Теги 883 MiB
Граф коммитов

46 Коммитов

Автор SHA1 Сообщение Дата
CBL-Mariner-Bot b1bbba05f0
[AUTO-CHERRYPICK] address excessively long DH keys - branch main (#6933) 
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-12-07 19:46:37 +05:30
jslobodzian eb08b37916
Bump package version to recompile binaries with fixed gcc stack prote… (#6253) 
* Bump package version to recompile binaries with fixed gcc stack protection (CVE-2023-4039)

* Bump debuginfo versions in toolchain manifests

* Bump kernel headers to match kernel

* Update SPECS/gettext/gettext.spec

Taking suggestion

Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>

* Update for code review comments

* Fix for code review comment in qt5-qtdeclarative changelog

* Fix dash version for signed spec files

---------

Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-09-21 17:10:15 -04:00
Dallas Delaney a856f48934
Add patch to openssl for CVE-2023-3817 (#6027) 2023-08-22 10:57:08 -07:00
aadhar-agarwal 76da9ef949
Apply patch CVE-2023-2650 in OpenSSL (#6024) 2023-08-21 15:10:53 -07:00
Daniel McIlvaney 328eadd58f
Patch CVE-2023-2650 in OpenSSL (#5644) 2023-06-08 15:52:51 -07:00
Rohit Rawat 73dc743bf1
openssl: patch CVE-2023-0465 and CVE-2023-0466 (#5285) 2023-04-12 23:33:14 +05:30
osamaesmailmsft 3bec024b98
Patching CVE-2023-0464 (openssl 1.1.1k) (#5192) 2023-03-31 15:15:07 -07:00
Olivia Crain ed96d112b2
Patch CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-202333286 in openssl (#4780) 2023-02-07 17:04:52 -08:00
nicolas guibourge 046e1783a6
openssl - nopatch CVE-2022-2097 since only for 32-bit x86 platforms (#3584) 
Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com>
 2022-08-23 10:09:10 +02:00
Pawel Winogrodzki f8454d7edc
openssl: align release number with 2.0 state. (#3532) 2022-08-16 12:24:07 -07:00
Maxwell McKee 10c3a29cfe
Fix test failure in OpenSSL (#3368) 
* Remove patch to eng_all.c

* Increment openssl package number
 2022-08-02 11:13:00 -07:00
Maxwell McKee 7de96f680a
Initial KeysInUse Integration (#3182) 
* Update openssl spec with patch

* Created RPM spec for keysinuse

* Fix keysinuse build

* Move config reads to keysinuse engine

* Update spec version

* Update version with latest release

* Update Manifests

* Verified license

* Address spec file linting

* Address PR comments

* FIx post-rebase spec file error
 2022-07-06 10:36:18 -07:00
Henry Beberman 9c774e154b
`openssl`: patch CVE-2022-2068 (#3219) 2022-06-23 15:04:49 -07:00
Henry Li 46e6dfeb3e
[main] Fix openssl package test failure (#3170) 
* fix openssl package test

* fix changelog

Co-authored-by: Henry Li <lihl@microsoft.com>
 2022-06-15 10:40:11 -07:00
Christopher Co 6c097f283b
openssl: address CVE-2022-1292 (#2997) 
* openssl: address CVE-2022-1292

* manifests: update openssl entries

Signed-off-by: Chris Co <chrco@microsoft.com>
 2022-05-16 10:11:49 -07:00
Pawel Winogrodzki 23e3f81574
[main] Updating CGmanifest verification tools source URLs. (#2914) 
* Updating source URLs and cgmanifest.json. Updating 'lcms2' to version 2.13.1.

* Updating cgmanifest.json validation script.

* Removing cgmanifest.json duplicates.

* Updating source URLs.

* Making download checks faster (thanks, Olivia!).
 2022-05-02 13:29:11 -07:00
Max Brodeur-Urbas 8fd2aee1ec
openssl: Nopatching CVE-2021-4160 (#2824) 
* openssl: Nopatching CVE-2021-4160

Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
 2022-04-21 18:47:50 -07:00
jslobodzian 00906cec1d
Enable symcrypt detection (#2582) 2022-03-24 18:46:05 -07:00
Pawel Winogrodzki b7a512a0e8
Adding a patch for CVE-2022-0778 in `openssl`. (#2518) 2022-03-18 12:12:35 -07:00
Max Brodeur-Urbas 64ec03b352
[main] forward port openssl TLS changes to main (#2466) 
* forward port openssl TLS changes to main

* correcting removed openssl line from pkkgen_core files

* fixing release number and adding extra spacing line before changelog

Co-authored-by: Dan Mihai <Daniel.Mihai@microsoft.com>
 2022-03-11 13:21:21 -08:00
Muhammad Falak R Wani f31b550a19
openssl: add an explicit BR on `perl{(Test::Harness), (Math::BigInt)}` to enable ptest (#2423) 
* openssl: add an explicit BR on `perl{(Test::Harness), (Math::BigInt)}` to enable ptest
* openssl: manifests: bump release
* openssl: appease linter
* openssl: move the bash comment back to top

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2022-03-08 07:38:10 +05:30
Samuel Lee 1f0b8fa9b8
Initial SymCrypt + SymCrypt-OpenSSL integration (#2035) 
* Add Initial SPEC files and signatures

+ Based on Spencer's previous work, but updated to pull
  jitterentropy-library separately

* Update to remove static library from SymCrypt-OpenSSL install

+ Update cgmanifest.json, licenses.json, etc.
+ Make changes required by Spec linter

* Add OpenSSL patch (commented out by default)

+ Update SymCrypt and SymCrypt-OpenSSL SPECs

* Enable debuginfo for SCOSSL & update OpenSSL in pkggen/toolchain

* Track SymCrypt NOTICE (pointing to other LICENSEs) in %license files

+ Make libsymcrypt.so and libsymcrypt.so.101 symbolic links to
  libsymcrypt.so.101.0.0
+ Avoid installing internal SymCrypt headers (only install headers with
  symcrypt prefix)

* Fix changelog/License to pass Spec files check

* Finalize source tarball signatures for SymCrypt and SymCrypt-OpenSSL
 2022-02-28 11:20:49 -08:00
jslobodzian a16b9936d3
Fix Openssl build break (#1978) 2022-01-23 22:59:44 -08:00
chalamalasetty e5db731693
Update boost version and add puppet feature and its dependencies (#1842) 
* Update boost version and add puppet and its dependencies

* Update license versified in doxygen

* Update doxygen and hpricot sources

* update rubygem-hpricot spec

* Update source patch for rubygem-hpricot

* Fix spacing in leatherman spec

* Update websocketpp and fix CR comments

* Update websocketpp version in cgmanifest

* Update catch1 with sigstksz patch

* Update catch1 spec

* Fix rubygem-minitest package build failure

* Update License in doxygen spec
 2022-01-07 04:12:10 -08:00
Pawel Winogrodzki 77153f2702
[main] Removing redundant `%clean` stages from the spec files. (#1782) 2021-12-17 09:46:27 -08:00
jslobodzian 17b0e93e71
Merge 1.0 to dev branch 
This merge brings the latest SELinux and many packages and CVE fixes from the 1.0 branch.
 2021-08-19 13:46:51 -07:00
Thomas Crain 90f361f753 Merge branch '1.0' from April Update 2021-04-30 18:07:37 -05:00
Nicolas Ontiveros e451679727 Upgrade OpenSSL to 1.1.1k (#812) 
* Update openssl to version 1.1.1k

* Update pkggen and toolchain txt files

* Update cgmanifest
 2021-04-28 07:58:02 -07:00
Thomas Crain eae5b4006f Merge branch '1.0' into thcrain/ever-given 2021-04-06 22:39:22 -05:00
Henry Beberman af27746363 openssl patch CVE-2021-3449, CVE-2021-3450 (#794) 2021-03-25 13:35:11 -07:00
Nicolas Ontiveros 516207ee6b Fix Bugs in OpenSSL SP800-56a Rev3 Patch (#768) 2021-03-25 13:35:04 -07:00
Nicolas Ontiveros daefedb645 Add sp800-56a rev3 compliance to OpenSSL (#735) 2021-03-25 13:34:52 -07:00
Nicolas Ontiveros 13383d3997
Add FIPS patches for OpenSSL (#593) 
* Apply openssl fips patches from CentOS8

* Calculate and add hmac files for openssl

* Fix patching ec_curve

* Update pkggen and toolchain txt files

* Address openssl spec linting
 2021-02-04 07:06:19 -08:00
Nicolas Ontiveros c2d10990da
Fix openssl and python-ecdsa tests (#542) 
* Fix openssl ecdsa and ssl_new tests

* Disable nist192 tests in python-ecdsa

* Update pkggen/toolchain txt files

* Address SPEC linting for python-ecdsa
 2021-01-15 06:45:33 -08:00
Nicolas Ontiveros d80a610d9c
Remove IDEA and EC2M source code/support from OpenSSL (#524) 
* Remove support for EC2M in OpenSSL

* Remove IDEA source code from OpenSSL

* Use hobbled tarball for openssl

* Update pkggen and toolchain txt files

* Add "hobbled" tarball to OpenSSL changelog

* Add hobbled tarball code comment from Fedora

* Address spec linting
 2021-01-11 14:01:39 -08:00
Mateusz Malisz 0695cac045
Add distroless containers (#403) 
Co-authored-by: Jon Slobodzian <joslobo@microsoft.com>
 2020-12-15 16:31:49 -08:00
Joe Schmitt ef69a8e23a
Patch CVE-2020-1971 (#454) 2020-12-09 13:14:10 -05:00
Johnson George 6855f30d83 Enable package test for openssl package 2020-11-11 19:16:06 +00:00
Pawel Winogrodzki 9ec95b3ddc
Revert "Disabling the MD4 algorithm. (#272)" (#301) 
This reverts commit 85330c701f.
 2020-10-28 22:24:57 +01:00
Pawel Winogrodzki 85330c701f
Disabling the MD4 algorithm. (#272) 
Co-authored-by: Henry Beberman <henry.beberman@microsoft.com>
 2020-10-27 14:02:06 +01:00
jslobodzian 534d5bfc58
Revert "Implement "distroless" containers (#252)" (#264) 
This reverts commit e41efdda19.
 2020-10-25 18:37:45 -07:00
Mateusz Malisz e41efdda19
Implement "distroless" containers (#252) 
* Create distroless container without bash and surplus dependencies
* Remove RPM database for distroless
* Add busybox and uclibc. Add distroless-packages-debug
* Update cgmanifest

Co-authored-by: Jon Slobodzian <joslobo@microsoft.com>
Co-authored-by: MateuszMalisz <mamalisz@microsoft.com>
 2020-10-24 11:28:47 +02:00
Joe Schmitt c1d38c87c5
[dev] Split perl into subpackages (#240) 
Co-authored-by: Ruying Chen <v-ruyche@microsoft.com>
 2020-10-21 14:08:28 -07:00
Joe Schmitt f1c8b2e664
[dev] Disable openssl compression in python3 configuration (#218) 2020-10-15 11:33:32 -07:00
Joe Schmitt 5884d838e4
Enable openssl compression (#210) 2020-10-14 15:39:37 -07:00
Jon Slobodzian b877013b27 Initial CBL-Mariner commit to GitHub 2020-08-06 20:17:52 -07:00